Lucene search
K

292 matches found

seebug.org
seebug.org
added 2017/11/09 12:0 a.m.44 views

Circle with Disney Apid Strstr Authentication Bypass Vulnerability(CVE-2017-2914)

Summary An exploitable authentication bypass vulnerability exists in the API daemon of Circle with Disney running firmware 2.0.1. A specially crafted token can bypass the authentication routine of the Apid binary, causing the device to grant unintended administrative access. An attacker needs...

8.1AI score0.01555EPSS
Exploits2
CVE
CVE
added 2016/02/03 3:0 p.m.65 views

CVE-2015-7546

CVE-2015-7546 affects OpenStack Keystone and related keystonemiddleware: the identity service fails to invalidate authorization tokens when using PKI or PKIZ providers, enabling remote authenticated users to bypass access controls by manipulating bytes in a revoked token. Affected versions includ...

7.5CVSS7.2AI score0.01708EPSS
Exploits0References5Affected Software1
Kitploit
Kitploit
added 2015/08/28 3:44 p.m.19 views

FruityWifi v2.2 - Wireless Network Auditing Tool

FruityWifi is an open source tool to audit wireless networks. It allows the user to deploy advanced attacks by directly using the web interface or by sending messages to it. Initialy the application was created to be used with the Raspberry-Pi, but it can be installed on any Debian based system...

7.3AI score
Exploits0References1
OpenVAS
OpenVAS
added 2013/08/29 12:0 a.m.26 views

EMC RSA Authentication Agent Access Control Bypass Vulnerability - Windows

RSA Authentication Agent is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.5CVSS6.7AI score0.02661EPSS
Exploits0References5
NVD
NVD
added 2012/06/27 12:55 a.m.12 views

CVE-2012-2720

The Token Authentication tokenauth module 6.x-1.x before 6.x-1.7 for Drupal does not properly revert user sessions, which might allow remote attackers to perform requests with extra privileges...

5CVSS6.8AI score0.02422EPSS
Exploits0References7
Prion
Prion
added 2012/06/27 12:55 a.m.13 views

Authentication flaw

The Token Authentication tokenauth module 6.x-1.x before 6.x-1.7 for Drupal does not properly revert user sessions, which might allow remote attackers to perform requests with extra privileges...

5CVSS7.3AI score0.02422EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2012/06/27 12:0 a.m.41 views

CVE-2012-2720

The CVE-2012-2720 entry applies to the Drupal Token Authentication module (tokenauth) in 6.x-1.x prior to 6.x-1.7. The underlying issue is that sessions are not properly reverted, which could allow remote attackers to perform requests with extra privileges. Affected component: Tokenauth 6.x-1.x (...

5CVSS7AI score0.02422EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2012/06/27 12:0 a.m.19 views

CVE-2012-2720

The Token Authentication tokenauth module 6.x-1.x before 6.x-1.7 for Drupal does not properly revert user sessions, which might allow remote attackers to perform requests with extra privileges...

6.8AI score0.02422EPSS
Exploits0References7
Drupal
Drupal
added 2012/06/06 12:0 a.m.21 views

SA-CONTRIB-2012-091 - Token Authentication - Access bypass

The Token Authentication module provides a token for use in the URL to authenticate users to a site. Under certain uncommon situations, the module may not revert a user's session properly. Depending on how tokenauth is used, this could result in subsequent requests being performed as a user with...

5CVSS6.4AI score0.02422EPSS
Exploits0References9
myhack58
myhack58
added 2010/11/01 12:0 a.m.42 views

Netease Weibo CSRF two use-vulnerability warning-the black bar safety net

Does not perform token authentication vulnerable to CSRF attacks Detailed description: A malicious attacker may construct a malicious form, and the defrauded victims of the click, when the victim clicks on the link, on behalf of the victim to produce a microblogging information, this method can...

7AI score
Exploits0
securityvulns
securityvulns
added 2004/08/04 12:0 a.m.17 views

[Full-Disclosure] Clear text password exposure in Datakey's tokens and smartcards

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Clear text password exposure in Datakey's tokens and smartcards Classification: =============== Level: LOW-med-high-crit ID: HEXVIEW200408031 Overview: ========= Datakey http://www.datakey.com delivers smartcard and token-based authentication and...

Exploits0
Duo Security Advisories
Duo Security Advisories
added 1976/01/01 12:0 a.m.13 views

DUO-PSA-2020-003: Duo Product Security Advisory

Duo Product Security Advisory Advisory ID: DUO-PSA-2020-003 Publication Date: 2020-06-30 Revision Date: 2020-06-30 Status: Confirmed, Fixed Document Revision: 2 Overview Duo has identified and fixed an issue in the Duo Connect client that allows end-users to choose insecure configurations. If...

0.1AI score
Exploits0
Rows per page
Query Builder